And the scams go on...

Page Tools

It is now nearly six months since representatives of Australian
banks sat
down in Melbourne to consider ways and means of minimising the
threat posed to their customers by the rash of phishing emails that
make the rounds every week.

Yet, despite many of these financial institutions reporting
extremely healthy profits for the year, only one organisation has
done
something to provide that additional layer of security to all
users.

Arguably, the one institution which has done so, Bendigo Bank,
was in a position to set in place a user-pays option because it
enjoys a greater degree of customer approval than any other bank in
the country.

The one-time authentication token which it put in place is also
being used by banks in other countries. A more expensive option,
adding one more layer of security, has also been on offer.

Yet no other bank has seen fit to put forward any such idea, be
it a home-grown solution or an imported one, which would
accommodate all its customers.

The fact that phishing scams are still around - and that the
perpetrators are becoming more and more sophisticated - is
illustrated by this example. In
terms of technique, these people are pretty sophisticated.

How much would it cost for one of the Australian big four banks
to offer their customers a free solution? Going by the Bendigo
example, the cost is $16.50 per user (the bank says this is the
cost).

Even if one rounds that off to $20 and makes a massive
over-estimation that a bank has 5 million customers, it comes to
$100 million - a small amount in the face of the billion and more
that is recorded as profit. And no bank has anything even remotely
like that many customers.

Nobody would expect a bank to offer the more sophisticated
option free; if the basic one were offered free, banks would gain
one thing which they have lost by the bucketload over the last few
years - customer approval.

However, like a Roman emperor of yore, they continue to
fiddle.

Yesterday, the online news site Crikey carried a letter from of
a customer of one bank who had $2000 go missing from his account.
There have been reports in these columns too about such
happenings.

The scams happen so regularly that they don't even merit
coverage any more. Yet customers are regularly being taken for a
ride as the occasional report does indicate.

What are the banks waiting for?

Update: Two readers write in to say that
Westpac has given business customers SecureID tokens. That changes
little: one still needs to ask - are these the only
people who are at risk from scams?